Malicious hackers make up less than one-fourth of the overall hacker community, according to 70 percent of the respondents, who were surveyed by Tufin Technologies at the world's largest hacker conference.
And 70 percent say government security and privacy regulations don't make hacking into corporate networks any tougher. Another 15 percent say compliance initiatives have actually made hacking easier, while 15 percent say these programs have made it harder.
"These results further validate the reality that there is little common ground between compliance and security, but as an industry we have the collective knowledge and the resources to change that," says Michael Hamelin, chief security architect at Tufin. "While standards, such as PCI-DSS, provide a good baseline, organizations that assume achieving PCI compliance will solve their security woes are in for a rude awakening. With security and compliance budgets so deeply intertwined, it serves us as security professionals to make the two more synonymous. At the end of the day, the more accountable we are willing to be, the less we'll have to be."
Around 81 percent of hackers say they are more active around the winter holidays -- 56 percent say Christmas is the ideal time for corporate hacking, and 25 percent say New Year's Eve. Weekday nights are when they do most of their hacking, according to 52 percent of the respondents. More than 30 percent do so during business hours, and only 15 percent on weekends.
More than 85 percent say they can hack into a corporate network via the firewall: One-fourth say they could accomplish that within minutes, and 14 percent within a few hours. Another 16 percent say they won't bother hacking a firewall at all, even if they could get in that way.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.